(57) Abstract 
Problem 

[To provide] an encryption key update system 
that enables the encryption keys for all devices that are 
transmitting and receiving data to be updated 
synchronously without requiring complicated operations 
such as the setting and input of an encryption key on the 
part of the user. 

Means to solve 

With this encryption key update system, an 
encryption key list on which are recorded multiple 
encryption keys is distributed in advance to all of the 
devices that perform data encryption with a common 
encryption key method. Furthermore, a program that 
selects one or more encryption keys from this encryption 
key list based on a prescribed rule also is distributed to 
each device. Then, for example, for a given period, each 
device selects 'common encryption key 1' as the 
encryption key, and automatically sets that key in the 
communication environment. Subsequently, with a given 
date and time as the boundary, each device discards that 
'common encryption key 1' and selects 'common 
encryption key 2' as the encryption key, which it 
automatically sets in the communication environment. 



[There are no amendments to this patent.] 




Figure 2 



Key: A Encryption key list 

B Common encryption key 



Claims 

1. For an encryption key update system of a communication system wherein multiple 
devices mutually exchange data while encrypting and decrypting the data by a common key 
method that uses the same encryption key for encryption and decryption, 
an encryption key update system characterized in that each of the aforementioned devices is 
equipped with 

a list holding means that holds an electronic encryption key list in which multiple encryption 
keys are recorded, 

and a selection means that, based on a preset rule, selects one or more encryption keys from the 
multiple encryption keys recorded on the encryption key list held in the aforementioned list 
holding means. 
2. The encryption key update system recorded in Claim 1, characterized in that each of 
the aforementioned devices has 

a validity period calculation means that, based on a preset rule, calculates a validity period for an 
encryption key selected by the aforementioned selection means, 

and an encryption key update means that causes the aforementioned selection means to select a 
new encryption key when the time period from the selection of an encryption key by the 
aforementioned selection means to the [end of the] period calculated by the aforementioned 
validity period calculation means has elapsed. 

3. The encryption key update system recorded in Claim 1 or 2, characterized in that the 
aforementioned selection means reselects at least one [encryption key] from the encryption keys 
selected the previous time. 

4. The encryption key update system recorded in Claim 1 or 2, characterized in that each 
of the aforementioned devices 

is equipped with a time difference adjustment means that, for only a prescribed period of time 
subsequent to the selection of an encryption key by the aforementioned selection means, adds the 
encryption key prior to that selection as a candidate encryption key for decryption use. 

5. The encryption key update system recorded in Claim 1, 2, 3, or 4, characterized in that 
each of the aforementioned devices is equipped with a list reception means that receives the 
aforementioned encryption key list, and a list update means that updates the encryption key list 
held in the aforementioned list holding means with the encryption key list received by the 
aforementioned list reception means. 

6. For an encryption key update method for a communication system wherein multiple 
devices mutually exchange data while encrypting and decrypting the data by a common key 
method that uses the same encryption key for encryption and decryption, 

an encryption key update method characterized in that each of the aforementioned devices has 
[sic; possibly, executes] 

a step wherein an electronic encryption key list in which multiple encryption keys are recorded is 
held, 

and a step wherein one or more encryption keys from the multiple encryption keys recorded on 
the encryption key list that is held is/are selected based on a preset rule. 

7. The encryption key update method recorded in Claim 6, characterized in that each of 
the devices has 

a step wherein a validity period for an encryption key selected by the aforementioned selection 
means is calculated based on a preset rule, 
and a step wherein a new encryption key is selected when the time period from the selection of 
the aforementioned encryption key to the [end of the] aforementioned calculated period has 
elapsed. 

8. The encryption key update method recorded in Claim 6 or 7, characterized in that the 
aforementioned selection step reselects at least one [encryption key] from the encryption keys 
selected the previous time. 

9. The encryption key update method recorded in Claim 6 or 7, characterized in that each 
of the aforementioned devices has 

a step wherein, for only a prescribed period of time subsequent to the selection of an encryption 
key, the encryption key prior to that selection is added as a candidate encryption key for 
decryption use. 

10. The encryption key update method recorded in Claim 6, 7, 8, or 9, characterized in 
that each of the aforementioned devices 

has a step wherein the aforementioned encryption key list is received, 

and a step wherein the aforementioned encryption key list that is being held is updated with the 
aforementioned received encryption key list. 

Detailed explanation of the invention 
[0001] 

Technical field of the invention 

The present invention pertains to an encryption key update system and an encryption key 
update method for a communication system wherein data are transmitted and received via 
wireless communication lines, for example; in particular, it pertains to an encryption key update 
system and an encryption key update method that enable the encryption key for all devices that 
are transmitting and receiving data to be updated synchronously without requiring complicated 
operations such as the setting and input of an encryption key on the part of the user. 

[0002] 
Prior art 

In recent years there has been remarkable improvement in data communication 
technology, and communication systems known as the internet and intranets have rapidly spread. 
In addition, recently many businesses have established within their offices wireless LANs (Local 
Area Networks), which transmit and receive data by means of infrared light or radio waves. 
These wireless LANs do not require the laying of cables; therefore, they are flexible with respect 
to the handling of change in office layout due to a restructuring of the organization, for example. 
[0003] 

With wireless communication that transmits data with infrared light or radio waves, 
leakage of that [data] easily occurs, so countermeasures to prevent data from being intercepted or 
counterfeited by a third party are considered even more critical than with wired communication. 
Therefore, conventionally data encryption methods are widely used. Currently this data 
encryption primarily involves (1) a common encryption key method or (2) a public encryption 
key method, or a combination of the two. 

[0004] 

The common encryption key method is a method whereby the transmitting side (the side 
that encrypts the data) and the receiving side (the side that decrypts the encrypted data) are 
provided with a common encryption key in advance, with both the encryption and decryption 
being performed using the same encryption key. On the other hand, with the public encryption 
key method, two types of keys, a public key and a private key, are generated from a given key, 
and the public key is distributed in advance to the transmitting side. Then, the transmitting side 
encrypts the data using this public key, and the receiving side performs decryption with a private 
key that is paired with this public key. Furthermore, the combination of this common encryption 
key method and public encryption key method [results in a method whereby] the common 
encryption key of a common encryption key method is transferred by means of a public 
encryption key method. 

[0005] 

Thus it is possible to prevent the interception or counterfeiting of data by performing data 
encryption and decryption using a common encryption key or a public key and a private key. 

[0006] 

Furthermore, recently a strong demand has developed for the ability to access a company- 
internal LAN from a remote location such as a trip destination, and to respond to this demand, 
companies such as Canada's Border Network Technologies Corporation and Network Dynamics, 
Inc. of the U.S. have developed user verification systems known as one-time password systems. 

[0007] 

These one-time password systems do not encrypt data; rather, they are systems that 
increase network security by verifying whether a user who is accessing from a remote location is 
a valid user, providing a means by which the side being accessed and the side doing the 
accessing - for example, a firewall on the network side and an expansion unit connected to a 
mobile computer - are made to generate the same random number simultaneously. Then, the user 
inputs the random number, which is generated/updated once per minute, as a password into an 
input device of the expansion unit, and if that password is recognized, access to the network is 
permitted. 

[0008] 

In other words, with these one-time password systems, each password is a single-use 
password, so it is not necessary to be concerned about theft of the password. 

[0009] 

Problems to be solved by the invention 

However, with data encoding by means of the aforementioned common encryption key 
method, if the same key is used continuously for a long time, the danger that that code will be 
stolen increases. Therefore, work is required to update the key at given intervals. 

[0010] 

However, for example, a wireless LAN encryption key in the IEEE802.11b standard can 
be set within 40 bits or within 128 bits, and when an attempt is made to distribute/set a new 
encryption key comprised of 128 bits, the operation is extremely complicated. In addition, [the 
operation] is performed manually, so there is a risk that setting mistakes may occur or that the 
password may be leaked. 

[0011] 

Furthermore, with data encryption with a public encryption key method or data 
encryption with a combination of a common encryption key method and a public encryption key 
method, there is a problem in that it is too difficult to perform the [required] processing at the 
lower layers of the network, such as the hardware and firmware [layer], so implementation is 
difficult. Furthermore, even if implementation were achieved, there would be a problem in that 
the communication capability would be severely reduced. 

[0012] 

On the other hand, a one-time password system is a method that changes the password 
with each use, so it is not necessary to update the key at given intervals, as with data encryption 
with the common encryption key method. However, this one-time password system has the same 
problem, in that the random numbers generated by the system must be input each time by the 
user. 
[0013] 

The present invention was devised in response to problems of this type, the objective 
being to provide an encryption key update system and an encryption key update method that 
enable the encryption keys for all devices that are transmitting and receiving data to be updated 
synchronously without requiring complicated operations such as the setting and input of an 
encryption key on the part of the user. 



[0014] 

Means to solve the problems 

To achieve the aforementioned objective, the present invention is one whereby one year's 
worth of encryption keys, for example, are distributed in advance to all of the devices, and each 
device uses the same rule as the other devices to select an encryption key therefrom for use in 
encryption and decryption. In addition, for that purpose, the present invention provides an 
encryption key update system that is an encryption key update system of a communication 
system wherein multiple devices mutually exchange data while encrypting and decrypting the 
data by a common key method that uses the same encryption key for encryption and decryption, 
being characterized in that each of the aforementioned devices is equipped with a list holding 
means that holds an electronic encryption key list in which multiple encryption keys are recorded, 
and a selection means that, based on a preset rule, selects one or more encryption keys from the 
multiple encryption keys recorded on the encryption key list held in the aforementioned list 
holding means. 



[0015] 

With the encryption key update system of the present invention, each device selects - 
based on a prescribed rule - an encryption key for use in encryption and decryption from the 
multiple encryption keys provided in advance; therefore, all of the devices are able to update the 
encryption key automatically and synchronously, and the user does not have to perform 
complicated operations such as the setting and input of an encryption key. 

[0016] 

Furthermore, with the encryption key update system of the present invention, it is 
preferable that each of the aforementioned devices have a validity period calculation means that, 
based on a preset rule, calculates a validity period for an encryption key selected by the 
aforementioned selection means, and an encryption key update means that causes the 
aforementioned selection means to select a new encryption key when the time period from the 
selection of an encryption key by the aforementioned selection means to the [end of the] period 
calculated by the aforementioned validity period calculation means has elapsed. Thus, it is 
possible to provide an irregular update cycle, enabling security to be further improved. 

[0017] 

Furthermore, with the encryption key update system of the present invention, it is 
preferable that the aforementioned selection means reselect at least one [encryption key] from 
the encryption keys selected the previous time. Thus, for example, at least one [encryption key] 
before the update and after the update will match, and the transmission/reception of data will not 
be interrupted when the encryption key is updated. 

[0018] 

Furthermore, with the encryption key update system of the present invention it is 
preferable that each of the aforementioned devices be equipped with a time difference 
adjustment means that, for only a prescribed period of time subsequent to the selection of an 
encryption key by the aforementioned selection means, adds the encryption key prior to that 
selection as a candidate encryption key for decryption use. Thus, discrepancies in the encryption 
key update timing between the multiple devices can be handled within an appropriate range. 

[0019] 

Furthermore, with the encryption key update system of the present invention, it is 
preferable that each of the aforementioned devices be equipped with a list reception means that 
receives the aforementioned encryption key list, and a list update means that updates the 
encryption key list held in the aforementioned list holding means with the encryption key list 
received by the aforementioned list reception means. Thus, after the encryption key list is 
distributed initially and the system is started up, this encryption key list itself can be encrypted 
and transmitted/received, after which the distribution or setting of the encryption key list by the 
user is completely unnecessary. 

[0020] 

Embodiment of the invention 

In the following an embodiment of the present invention will be explained with reference 
to the figures. 
[0021] 

Figure 1 is a network configuration diagram for a communication system to which an 
encryption key update system according to an embodiment of the present invention is applied. 

[0022] 

As shown in Figure 1, with this communication system, a network management server 
computer 1 and multiple access points 2 are connected to a wired LAN 100. In addition, each 
access point 2 establishes a wireless communication path with a personal computer 3 using 
infrared light, radio waves, or the like. 

[0023] 

Network management server computer 1 manages this entire communication system and, 
for example, distributes the encryption key list, to be explained later. Furthermore, the access 
points 2 are devices for the purpose of connecting personal computers 3 to wired LAN 100; they 
possess the same encryption key as personal computers 3, and they exchange data with personal 
computers 3 while encrypting and decrypting the data with this encryption key - in other words, 
while performing encryption with a common encryption key method. 

[0024] 

As many as four of these encryption keys, which are shared between these access points 2 
and personal computers 3, can be set at one time, for example, and when multiple encryption 
keys have been set, the transmitting side performs encryption using one of these. At this time the 
receiving side [sic; transmitting side] stores in a packet information indicating the sequence 
number [of the key] used to perform the encryption, and then transmits [said information]. The 
receiving side uses the encryption key indicated by the information stored in this packet to 
perform decryption. 

[0025] 

In addition, this encryption key update system that is applied to a communication system 
is characterized in that the encryption key(s) shared by these access points 2 and personal 
computers 3 can be updated synchronously without requiring complicated operations such as the 
setting and input of an encryption key on the part of the user, and this point will be explained in 
detail in the following. 

[0026] 

Figure 2 is a schematic diagram of the updating of an encryption key implemented with 
this encryption key update system. 
[0027] 

With this encryption key update system, an encryption key list on which are recorded 
multiple encryption keys is distributed in advance to all of the devices that perform data 
encryption with the common encryption key method - more specifically, to all of the access 
points 2 and personal computers 3. Then, a program that selects one or more encryption keys 
from this encryption key list based on a prescribed rule also is distributed to each device. 

[0028] 

For example, as shown in Figure 2(A), for a given period, each device selects 'common 
encryption key 1' as the encryption key, and automatically sets that key in the communication 
environment. Subsequently, as shown in Figure 2(B), with a given date and time as the boundary, 
each device discards that 'common encryption key 1' and selects 'common encryption key 2' as 
the encryption key, which it automatically sets in the communication environment. 

[0029] 

In other words, the result is that the encryption key of each device is updated 
synchronously and security can be increased; in addition, the user is not forced to perform 
complicated operations such as the setting and input of an encryption key. 

[0030] 

Figure 3 is a block diagram showing the structure of the encryption key update system 
with which each device that forms this communication system is provided. 

[0031] 

As for the structures pertaining to this encryption key system, both the access points 2 
and personal computers 3 are provided with the same components, so an example of a personal 
computer 3 will be explained. 

[0032] 

Personal computer 3 has a CPU 31, a system memory 32, a floppy disk device 33, a 
magnetic disk device 34, and a wireless signal transmitter/receiver 35. 
[0033] 

CPU 31 provides overall control for personal computer 3, controlling this personal 
computer 3 as defined by a wireless LAN transmission/reception control program 311, an 
encryption key management program 312, an update program 313, and the like. 

[0034] 

System memory 32 is a memory device that serves as the main memory for this personal 
computer 3, and is used to store the encryption key 321 that is actually used at the time for data 
encryption and decryption. 

[0035] 

Floppy disk device 33 and magnetic disk device 34 are memory devices that serve as 
external memory for this personal computer 3, and floppy disk device 33 is used to read an 
encryption key list 341, to be explained later, that is stored on a floppy disk for distribution use. 
Magnetic disk device 34 is used to store the encryption key list 341 that is read from the floppy 
disk by floppy disk device 33. This encryption key list 341 is the encryption key list that was 
explained with reference to Figure 2, and on which multiple encryption keys are recorded in 
advance. 

[0036] 

Wireless signal transmitter/receiver 35 transmits infrared signals to an access point 2 or 
receives infrared signals transmitted from an access point 2 to transport data. 

[0037] 

Next, a case wherein this personal computer 3 transmits data to an access point 2 via 
wireless signal transmitter/receiver 35 and a case wherein data from an access point 2 is received 
via wireless signal transmitter/receiver 35 will be considered. 

[0038] 

When data are transmitted, wireless LAN transmission/reception control program 311 
encrypts the data using any of the encryption keys 321 stored in system memory 32, and these 
encrypted data are transmitted to access point 2 via wireless signal transmitter/receiver 35. At 
this time, information indicating the sequence number of the encryption key 321 that was used is 
stored in a packet. On the other hand, when data are received, to decrypt the data, wireless LAN 
transmission/reception control program 311 uses the encryption key 321 - of the encryption keys 
stored in system memory 32 - whose number is specified by the packet. 
[0039] 

In other words, it can be seen that encryption keys 321 stored in system memory 32 are 
extremely critical in the transmission and reception of data between personal computer 3 and 
access point 2. 

[0040] 

Accordingly, the updating of these encryption keys 321, which is executed by encryption 
key management program 312, will be explained next. 

[0041] 

First, a first operating principle with respect to the updating of encryption keys by means 
of this encryption key management program 312 will be explained with reference to Figure 4. 

[0042] 

Assume that multiple encryption keys (1)-(n) are recorded in encryption key list 341 and 
encryption keys (1)-(4) are initially set in system memory 32 as encryption keys 321. 

[0043] 

After a given period of time has elapsed, based on a prescribed rule, encryption key 
management program 312 selects the pre-existing encryption key (1) from the encryption keys 
321 in system memory 32, and selects encryption keys (5)-(7) from encryption key list 341 in 
magnetic disk device 34, and resets these as the new encryption keys 321 in system memory 32. 

[0044] 

When a given period of time again has elapsed, based on a prescribed rule, encryption 
key management program 312 selects the pre-existing encryption key (5) from the encryption 
keys 321 in system memory 32, and selects encryption keys (18)-(20) from encryption key list 
341 in magnetic disk device 34, and resets these as the new encryption keys 321 in system 
memory 32. 

[0045] 

In the same manner, when a given period of time again has elapsed, based on a prescribed 
rule, encryption key management program 312 selects the pre-existing encryption key (19) from 
the encryption keys 321 in system memory 32, and selects encryption keys (32)-(34) from 
encryption key list 341 in magnetic disk device 34, and resets these as the new encryption keys 
321 in system memory 32. 

[0046] 

In other words, encryption key management program 312 makes one of the four 
encryption keys after the update a duplicate of [one of the keys] before the update, and thus 
prevents the interruption of data transmission/reception when these encryption keys are updated. 

[0047] 

As for the selection rule, encryption key management program 312 can select encryption 
keys in order from the end of encryption key list 341, but security can be further increased by 
providing irregularity to that order. As a method for providing this irregularity, for example, the 
system time for personal computer 3 can be obtained and a preset function calculation can be 
executed based on the obtained system time to determine the encryption keys to be selected. 

[0048] 

Furthermore, encryption key management program 312 can perform this encryption key 
update at preset time intervals, but security can be further increased by providing irregularity to 
that cycle. As a method for providing this irregularity, for example, the system time for personal 
computer 3 can be obtained and a preset function calculation can be executed based on the 
obtained system time to determine the validity period for each encryption key. 

[0049] 

Next, a second operating principle with respect to the updating of encryption keys by 
means of this encryption key management program 312 will be explained with reference to 
Figure 5. 

[0050] 

Assume that encryption keys (1)-(n) are recorded in encryption key list 341 and 
encryption keys (1)-(2) are initially set in system memory 32 as encryption keys 321. In other 
words, two encryption keys, which is half of the number of four [keys] that can be set at one time, 
have been set. 
[0051] 

After a given period of time has elapsed, based on a prescribed rule, encryption key 
management program 312 selects encryption keys (5)-(6) from encryption key list 341 in 
magnetic disk device 34, and resets these as the new encryption keys 321 in system memory 32. 

[0052] 

In response thereto, wireless LAN transmission/reception control program 311 takes the 
two encryption keys (5)-(6) as candidate encryption keys to be used when data are encrypted. 
However, for only a prescribed period of time subsequent to the update of these encryption keys, 
wireless LAN transmission/reception control program 311 adds pre-update encryption keys (1)- 
(2) to the two encryption keys (5)-(6) as candidates for data decryption use, bringing the total 
number of keys to four. 

[0053] 

When a given period of time again has elapsed, based on a prescribed rule, encryption 
key management program 312 selects encryption keys (18)-(19) from encryption key list 341 in 
magnetic disk device 34, and resets these as the new encryption keys 321 in system memory 32. 
In response thereto wireless LAN transmission/reception control program 311 takes the two 
encryption keys (18)-(19) as candidate encryption keys to be used when data are encrypted and, 
for only a prescribed period of time subsequent to the update of these encryption keys, adds the 
pre-update encryption keys (5)-(6) to the two encryption keys (18)-(19) as candidates for data 
decryption use, bringing the total number of keys to four. 

[0054] 

In the same manner, when a given period of time again has elapsed, based on a prescribed 
rule, encryption key management program 312 selects encryption keys (32)-(33) from encryption 
key list 341 in magnetic disk device 34, and resets these as the new encryption keys 321 in 
system memory 32, and wireless LAN transmission/reception control program 311 takes the two 
encryption keys (32)-(33) as candidate encryption keys to be used when data are encrypted and, 
for only a prescribed period of time subsequent to the update of these encryption keys, adds the 
pre-update encryption keys (18)-(19) to the two encryption keys (32)-(33) as candidates for data 
decryption use, bringing the total number of keys to four. 

[0055] 

In other words, encryption key management program 312 is executed without duplicating 
a pre-update encryption key after the update, but wireless LAN transmission/reception control 
program 311 permits [the use of] pre-update encryption keys for only a prescribed period of time, 
and thus discrepancies in the encryption key update timing between the multiple devices can be 
handled within an appropriate range. For this purpose, encryption key management program 312 
makes the number of encryption keys one half or less of the number that can be handled at one 
time. 

[0056] 

Thus, with this encryption key update system, one year's worth of encryption keys, for 
example, is distributed in advance to all of the devices, and each device uses the same rule as the 
other devices to select an encryption key therefrom for use in encryption and decryption; 
therefore, the encryption keys for all of the devices performing data transmission/reception can 
be updated synchronously without requiring complicated operations such as the setting and input 
of an encryption key on the part of the user. 

[0057] 

Next, the operating procedures for this encryption key update system will be explained 
with reference to Figure 6 and Figure 7. 

[0058] 

Figure 6 is a flowchart for the purpose of explaining the operating procedure of 
encryption key management program 312. 

[0059] 

Encryption key management program 312 first obtains the system time for personal 
computer 3 (step Al). When the system time is obtained, encryption key management program 
312 executes a function calculation that has been provided in advance based on the obtained 
system time and selects new encryption keys from encryption key list 341 stored in magnetic 
disk device 34 (step A2). 

[0060] 

When the new encryption keys are selected, encryption key management program 312 
sets the selected encryption keys in system memory 32 as encryption keys 321 (step A3). Then, 
based on the previously obtained system time, encryption key management program 312 
executes a function calculation provided in advance for the purpose of calculating the validity 
period, and thus calculates the validity period for the new encryption keys (step A4). 
[0061] 

Finally, encryption key management program 312 sets a startup timer for the purpose of 
restarting itself after the calculated validity period [has elapsed] (step A5), and the process is 
complete. 
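The first operating principle of Figure 4 ([0042]-[0048]) and the steps A1-A5 of Figure 6, as an added worked example that is not part of the patent text: every device holds the same constructed key list, maps its own system time to a period number, keeps one of the previous four keys, draws the other three from the list in a hash-derived order, and derives an irregular validity period from the same time. SHA-256 as the "preset function calculation", the 24-hour nominal interval, the quarter-interval jitter and the 64-entry list are all assumptions made for the demo.

```python
import hashlib
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed stand-in for encryption key list 341: 64 arbitrary 128-bit keys
# distributed in advance to every device (values are for the demo only).
KEY_LIST = [hashlib.sha256(b"demo-list-%d" % i).digest()[:16] for i in range(64)]

SLOTS = 4                  # keys that can be set at one time ([0024])
BASE_PERIOD = 24 * 3600    # nominal update interval in seconds (an assumption)
JITTER_MAX = BASE_PERIOD // 4


@dataclass(frozen=True)
class KeySet:
    period: int                 # update period this set belongs to
    indices: Tuple[int, ...]    # positions in KEY_LIST set as encryption keys 321
    valid_until: int            # system time at which the next update is due


def _draw(period: int, i: int) -> int:
    """The 'preset function calculation' (assumed here to be SHA-256): a hash of
    the period number and a draw counter, so every device that agrees on the
    period number obtains the same value."""
    d = hashlib.sha256(b"kms-rule|" + struct.pack(">qI", period, i)).digest()
    return int.from_bytes(d[:4], "big")


def period_start(period: int) -> int:
    # Boundaries sit at period*BASE_PERIOD plus a period-specific offset below
    # JITTER_MAX, which keeps them monotonic while making the cycle irregular.
    return period * BASE_PERIOD + _draw(period, 0) % JITTER_MAX


def period_number(system_time: int) -> int:
    """Steps A1/A2: map each device's (slightly skewed) clock to a period
    number, so clocks a few seconds apart still select the same keys; only a
    device read right at a boundary can disagree, which the time difference
    adjustment of the second operating principle is there to absorb."""
    k = system_time // BASE_PERIOD
    return k if system_time >= period_start(k) else k - 1


def select_keys(prev: Optional[KeySet], system_time: int) -> KeySet:
    """Steps A2-A4 under the first operating principle: keep one pre-existing
    key, draw SLOTS-1 fresh list positions in an irregular order, and derive
    the validity period from the same system time."""
    p = period_number(system_time)
    chosen = []
    taken = set()
    if prev is not None:
        chosen.append(prev.indices[_draw(p, 1) % len(prev.indices)])  # survives ([0046])
        taken.update(prev.indices)          # fresh picks must differ from the old set
    i = 2
    while len(chosen) < SLOTS:
        cand = _draw(p, i) % len(KEY_LIST)
        i += 1
        if cand not in taken and cand not in chosen:
            chosen.append(cand)
    return KeySet(p, tuple(chosen), period_start(p + 1))


def timer_delay(ks: KeySet, system_time: int) -> int:
    """Step A5: seconds until the program restarts itself for the next update."""
    return max(0, ks.valid_until - system_time)
```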

[0062] 

Figure 7 is a flowchart for the purpose of explaining the operating procedure for 
decryption by wireless LAN transmission/reception control program 311. 

[0063] 

When wireless LAN transmission/reception control program 311 receives data from an 
access point 2 via wireless signal transmitter/receiver 35, it attempts to decrypt these data using 
the encryption key - of the encryption keys set in system memory 32 - whose number is 
specified by the packet (step Bl). 

[0064] 

When this decryption succeeds (YES in step B2), the decryption process of wireless LAN 
transmission/reception control program 311 is complete; however, if it fails (NO in step B2), 
wireless LAN transmission/reception control program 311 checks whether [the current time] is 
within the preset period of time after the update of the encryption keys 321 that are set in system 
memory 32 (step B3). 

[0065] 

If it is within the preset period of time (YES in step B3), wireless LAN 
transmission/reception control program 311 next attempts to decrypt these data using the old 
encryption key - of the old, pre-update encryption keys - whose number is specified by the 
packet (step B4). 

[0066] 

Then, if the decryption succeeds (YES in step B7 [sic; B5]), decryption by wireless LAN 
transmission/reception control program 311 is complete; however, if it fails (NO in step B5), or 
if it is not within the prescribed period of time after the update of the encryption keys 321 (NO in 
step B3), wireless LAN transmission/reception control program 311 transmits an error response 
to the access point 2 (step B6). 

[0067] 

In addition, the operating procedure for decryption by wireless LAN 
transmission/reception control program 311 shown in Figure 7 is [used] when encryption key 
management program 312 updates the encryption keys based on the second operating principle 
shown in Figure 5; when encryption key management program 312 updates the encryption keys 
based on the first operating principle shown in Figure 4 and the decryption in step B2 fails, the 
error response of step B6 can be transmitted. 
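As an added illustration (not code from the patent or its embodiment), the following Python models the Figure 6 selection procedure (steps A1 to A5) and the Figure 7 decryption procedure (steps B1 to B6) on one device. The period length, the grace period, the number of keys selected per period, the time-based selection rule and the HMAC tag standing in for the common-key cipher are all assumptions; the key list is constructed sample data.

```python
import hashlib
import hmac
from datetime import timedelta

# Constructed sample key list standing in for encryption key list 341.
KEY_LIST = [hashlib.sha256(b"constructed-key-%d" % i).digest() for i in range(12)]
PERIOD = timedelta(days=30)     # assumed length of one validity period
GRACE = timedelta(minutes=10)   # assumed preset period for accepting old keys
KEYS_PER_PERIOD = 2             # the rule selects "one or more" keys at a time

def select_keys(now, key_list=KEY_LIST):
    """Step A2: a function of the system time only, so every device holding
    the same list and rule derives the same key numbers ({number: key})."""
    epoch = int(now.timestamp() // PERIOD.total_seconds())
    first = (epoch * KEYS_PER_PERIOD) % len(key_list)
    return {n % len(key_list): key_list[n % len(key_list)]
            for n in range(first, first + KEYS_PER_PERIOD)}

def validity_period(now):
    """Step A4: time remaining until the next period boundary (assumed rule)."""
    secs = PERIOD.total_seconds()
    return timedelta(seconds=secs - now.timestamp() % secs)

def tag(key, body):
    """Stand-in for the cipher: 'decryption succeeds' means the tag verifies."""
    return hmac.new(key, body, hashlib.sha256).digest()

class Device:
    """Holds encryption keys 321 plus the pre-update set for the grace period."""
    def __init__(self, now):
        self.current, self.previous = {}, {}
        self.update(now)

    def update(self, now):                  # Figure 6: steps A1 to A5
        self.previous, self.current = self.current, select_keys(now)
        self.updated_at = now
        self.next_update = now + validity_period(now)  # when the timer fires

    def encrypt(self, body):                # packet carries the key number
        number = min(self.current)
        return number, body, tag(self.current[number], body)

    def decrypt(self, packet, now):         # Figure 7: steps B1 to B6
        number, body, t = packet
        if number in self.current and hmac.compare_digest(tag(self.current[number], body), t):
            return body                     # B2: YES
        if (now - self.updated_at <= GRACE and number in self.previous
                and hmac.compare_digest(tag(self.previous[number], body), t)):
            return body                     # B3: YES, then B5: YES
        return None                         # B6: transmit error response
```

Two devices constructed within the same period derive identical keys; a packet sent with the old key is still accepted for GRACE after the receiver updates, then rejected.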

[0068] 

Furthermore, after encryption key list 341 is distributed and the system is started up, this 
encryption key list 341 itself can be encrypted and then transmitted and received. Therefore, the 
subsequent storage of encryption key list 341 on a floppy disk for distribution, and the 
distribution thereof, and the reading [of the list] by floppy disk device 33 of each device and the 
setting [of encryption keys] become completely unnecessary. Therefore, with this encryption key 
update system, an update program 313 is provided. 

[0069] 

When the encryption key list transmitted from network management server computer 1 is 
received by wireless signal transmitter/receiver 35, first, wireless LAN transmission/reception 
control program 311 decrypts the encryption key list encrypted by access point 2. Next, this 
decrypted encryption key list is transmitted to update program 313, and the encryption key list 
341 in magnetic disk device 34 is updated by means of update program 313. 

[0070] 

Furthermore, to increase security, it is effective to provide this update program 313 with 
the update function of encryption key management program 312. In other words, after a new 
encrypted encryption key management program is transmitted from network management server 
computer 1 and this new encrypted encryption key management program is decrypted by 
wireless LAN transmission/reception control program 311, update program 313 is made to 
update encryption key management program 312. Thus, the encryption key selection rules also 
can be updated without manual intervention, and the risk of theft of the code can be reduced. 

[0071] 

Effect of the invention 

As explained above, by means of the present invention, one year's worth of 
encryption keys, for example, is distributed in advance to all of the devices, and each device uses 
the same rule as the other devices to select an encryption key therefrom for use in encryption and 
decryption; consequently, the encryption keys for all of the devices performing data 
transmission/reception can be updated automatically and synchronously without requiring 
complicated operations such as the setting and input of an encryption key on the part of the user. 

[0072] 

Furthermore, by making the encryption key update cycle irregular, security can be further 
increased. 

[0073] 

Furthermore, by using at least one encryption key after an update that is a duplicate of a 
pre-update [encryption key], or by adding a pre-update encryption key as a candidate encryption 
key for decryption use for only a prescribed period of time, it is possible to prevent the 
interruption of data transmission/reception when the encryption keys are updated, or to handle 
discrepancies in the encryption key update timing between the multiple devices within an 
appropriate range. 

Brief description of the figures 

Figure 1 is a network configuration diagram for a communication system to which an 
encryption key update system according to an embodiment of the present invention is applied. 

Figure 2 is a schematic diagram of the updating of an encryption key implemented with 
the encryption key update system of said embodiment. 

Figure 3 is a block diagram showing the structure of the encryption key update system 
with which each device that forms the communication system of said embodiment is provided. 

Figure 4 is a diagram for the purpose of explaining a first operating principle with respect 
to the updating of an encryption key by means of the encryption key management program of 
said embodiment. 

Figure 5 is a diagram for the purpose of explaining a second operating principle with 
respect to the updating of an encryption key by means of the encryption key management 
program of said embodiment. 

Figure 6 is a flowchart for the purpose of explaining the operating procedure of the 
encryption key management program of said embodiment. 

Figure 7 is a flowchart for the purpose of explaining the operating procedure for 
decryption by a wireless LAN transmission/reception control program of said embodiment. 
2 Access point 

3 Personal computer 

32 System memory 

34 Magnetic disk device 

35 Wireless signal transmitter/receiver 

100 Wired LAN 

312 Encryption key management program 

313 Update program 

321 Encryption key 

341 Encryption key list 

B Common encryption key 

31 CPU 

32 System memory 

33 Floppy disk device 

34 Magnetic disk device 

311 Wireless LAN transmission/reception control program 

312 Encryption key control program 

313 Update program 

312 [sic; 321] Encryption key 

341 Encryption key list 
Figure 6 

Key: A Start 

B End 

A1 Obtain system time 

A2 Select new encryption keys based on obtained system time 

A3 Replace encryption keys 

A4 Calculate validity period for new encryption keys based on obtained system time 

A5 Set startup timer [for restart] after calculated validity period 
Figure 7 

Key: A Start 

B End 

B1 Decrypt message with encryption key whose number is specified by packet 

B2 Decryption successful? 

B3 Is [current time] within prescribed time period subsequent to encryption key 
update? 

B4 Decrypt message with old encryption key whose number is specified by packet 

B5 Decryption successful? 

B6 Transmit error 